Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Proposal: add repository security advisory #30

Open
bjohansebas opened this issue Oct 6, 2024 · 1 comment
Open

Proposal: add repository security advisory #30

bjohansebas opened this issue Oct 6, 2024 · 1 comment

Comments

@bjohansebas
Copy link
Member

GitHub has a feature that allows creating a draft security advisory to privately discuss and fix a security vulnerability, similar to how issue templates work.

For example, Next.js has this feature enabled:
image

I believe this would improve the process of reporting potential vulnerabilities in Express and its packages.

ref:

@UlisesGascon
Copy link
Member

Yep! We will add this to all the repos at some point (hope soon). I will transfer the issue to the Security-wg for execution 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants